Critical Vulnerability Found in SkypeAdded: Friday, November 16th, 2012
Category: About Torrents > Staying Safe And Secure
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extratorrent.com
A critical vulnerability was found in voice and video service of Skype, which allows any account to be hacked. To do this you only need to know the email address of the victim.
Hacking scheme is as follow:
you need to register a new Skype name at the victim’s e-mail (this is technically possible).
Then you need to enter skype with the new account, delete all cookies and request password recovery.
After that, you will see a "password token" notification in the Skype window with a link.
When user follows this link, they can select which Skype name registered at that e-mail they want to change a password for. Among these names there will be both the one that has just been registered to someone else’s e-mail and the name of the owner of that email.
Thus, without access to someone else's mailbox and without knowing the old password, you can change someone else's password.
The hacking procedure was demonstrated in the video of @asintsov Twitter user (shortly after being posted the video was removed and is currently unavailable). Skype representatives had no immediate comment on the vulnerability, and the information is only available in Russian web.
The feature of the vulnerability is that an attacker can’t entirely deprive the account owner of access to it, because the owner will receive e-mail notification of the password change. The only solution the Russian users believe exists is to re-register Skype name to e-mail which no one knows and which isn’t in any database.
Anton Nosik, the famous Russian blogger, admitted that’s how his Skype account was hacked. Blogger Ilya Varlamov made the similar statement.
Friday, November 16th, 2012
|Skype crap, down the drain where it belongs.|
|I wonder why people are on the internet at all. all they do is hate everything. NOTHING is perfect and never really will be, thats why software is always under development, Thanks for the heads up|
|I agree to a point I will say again its better on a mobile device then it is on the PC due to a good Article above|
|posted by (2012-11-16 17:09:43)|
|@tonymengela: software is soposta be 99% bug free BEFORE it gets released. most of today's software is 99% bug infected and don't work, so that's y people bitch.|
and this IS y I NEVER use skype.
|posted by (2012-11-16 17:36:04)|
|@clamo: you don't use skype because most of today's software is 99% bug infected and don't work? So what 99% bug-laden piece of software did you use to boot your computer up, connect to the internet, log into this website and type your comment on? Software is not "99% bug infected" in general and some software is very complicated. This particular security bug is pretty egregious, but come on.. it happens.|
|posted by (2012-11-16 17:47:49)|
|skype has been vulnarable for ages why they see this just now?|
|posted by (2012-11-16 17:49:10)|
|damn u was only just saying we need to go from msn to skype,, NOW ur saying skypes fooked up? greta stuff|
|posted by (2012-11-16 18:54:41)|
|thats like last years news|
|what you can do on skype, you can do on facebook; mobile phone; ps3; xbox; smart tv...|
|There is no such thing as being|
100% immune from hacking. There
will always be someone to find
a way in. It's just the nature
of the beast. It's why we are
all here. Face it!
|@wenex: clamo has something of a point with software ideally being "bug-minimal" prior to release to the general public (at least paid software which is being charged for by major corporations) which will be used by a large portion of the online community.|
However, there are many, many very curious, very intelligent people who focus on little else but examining possible vulnerabilities in such software, so will we ever see truly "bug" or vulnerability-free software?
By the way, clamo does not subscribe to the belief that running anti-virus software is beneficial. Just ask.
|Thanks Sam for the info.|
|posted by (2012-11-17 15:07:46)|
|SkyHolo would only have one emiting light when a call to someone is processed.|
Funny, would Advertising appear instead in retrospec on the main line while hackers keep watch with powerful high-tech bots.
When conversation permits an attack from hackers, they move forward and ground is lost, Forever.
You know, syncronizing is that bad.
I vote for M.P.
Only if it works out for the best.
Kids are at stake, let alone the sensiable people.
|posted by (2012-11-18 02:12:43)|
|@wenex: Windows 7 is always 99% bug infected, other wise y do they keep finding loads of flaws in it and punting out patches all the time.|
firefox keeps having major issues now, all the new versions after 8 have had major issues found in them. I was running 8 and let it auto upgrade to the latest build and rebooted the program only to see the issues come back. in fact I remember when windows 3.1 was the last OS that hardly EVER needed an update to work the way it was meant to OUT OF THE BOX. I am not saying that 98 and XP were not good but they had WAY more issues than they should have had. hence y 98se hit the scene, over 10.000 bug fixes. ya y wasn't they fixed the 1st time?
and yes OpenMinder is correct, I don't believe in paid anti virus programs as Ive used them for a long time and the free software works better, but still NOT 100%, so I refrain from going to websites that I know are infected. like PORN sites.
|I don't want to turn this into a conversation|
about which antivirus version to use, but I have
been working with computers for a number of years
and have always used the free versions. The only
difference in the free and paid versions is the
bells and whistles. The signature data bases
(aka definitions) are the same between free and paid.
It is the definitions which protect your computer.
I would also like to add that an antivirus alone
is no longer sufficient. It requires a combination
of elements including browser ad-ons which block ads
It seems the most common intrusions these days are
coming from scripts which run without your knowledge
just by visiting website. I would never be so cocky as
to say my computer is invincible, but I go to any site
I want and never get malware. I use Avast free, Malwarebytes Pro, AdBlock Plus and I pay attention to site adviser warnings. Regardless, user discretion is always the best preventive tool.
|This hack won't work . it might have once but not anymore . very simple to fix . you might still be able to register and access the new account but not retrieve or reset all passwords for all accounts from a link .|
|posted by (2012-11-18 21:05:10)|
|Thanks SaM always appreciate all of your info.|
|WTF.........people never wana live in peace, neither in real nor in virtual......SKype, msn yahoo is to make frnds...know the people around theglobe...stay active socially...but those @%&#%$# have made this a platform for fight.....!!!|
|i need sexy girls!!!! sharif.farahmand is my skype||
Most Popular Stories